- Password Cracking - Computerphile
- End to End Encryption (E2EE) - Computerphile
- Why The Government Shouldn't Break WhatsApp
- How NOT to Store Passwords! - Computerphile
- How to Choose a Password - Computerphile
- YouTube Doesn't Know Your Password
- 2FA: Two Factor Authentication - Computerphile
- Hashing Algorithms and Security - Computerphile
- “Diffie-Hellman Key Exchange” in plain English
- Chip & PIN Fraud Explained - Computerphile

"It's nota web site will be breached, butif"when

Everyone knows that data in the cloud is not safe, that every site will eventually be hacked.
So we built an encryption algorithm
that protects your password data even **after** a site breach,
by encrypting your data with keys
only you know.

Even if a thief gets your data, they will not be able to read it, because they don't have your keys. They will have to try to hack them through trial and error which will take thousands of years.

We say with confidence ** "your passwords are safe, even after our site is breached"**.

Most other systems try to keep hackers __out__,
not prevent hackers from reading the data __after__ they've broken in.

**In fact, most systems use no encryption at all.**
Or if they do, there's only one for the entire system.
A hacker with access can read everything about everyone registered.
That's why you read about tens of thousands of accounts being compromised from one system after another:

- wired.co.uk: Billions of user's details have been exposed and made available
- Wired.co.uk: Yahoo, Adult Friend Finder, LinkedIn, Tumblr and Daily Motion all hacked in 2016
- 198 million Americans' personal information accidentally released.
- Hundreds of mobile websites and apps leak personal info.
- Wells Fargo leaks 50,000 clients' records.
- HUD exposed personal information of 500,000 individuals.
- Humboldt State University security breach.
- California Department of Justice Discloses Personal Information
- Uber leaks personal data for hundreds of drivers.
- and the list goes on.

But we encrypt your data
with keys only you know,
*"your passwords are safe, even after our site is breached"*

If the server can read the data, a hacker with access can read the data.

Any server that can reset your password, or send you your password, can read your data without knowing your password.

We can't read your data. Our servers can't read your data.
We need your keys in order to read your data.
And we don't keep them, so we __can not__ read your data.

We can't send you your password, nor can we reset it, because we need your keys in order to read the data.

Our encryption algorithm does not generate the same cipher text same way twice. A very short word, of four characters, for example, can produce 6 million encrypted results. Longer words or phrases increase in complexity astronomically.

During decryption, every character is dependent upon multiple parts of the encrypted string. If any single character is added, changed or removed from the encrypted text, or either of the encryption keys, it will make the text impossible to decipher.

So even if the algorithm is cracked, or stolen, it requires your unique encryption keys. Without them, as long as your keys follow our guidelines, the text can only be deciphered with a brute-force attack that takes years.

We're so confident in our algorithm, that we have an Algorithm Trial page that anyone can use, and that has a challenge, with a reward posted.

Most sites seem to think it's standard practice to allow you to reset your password if you forget it.

That is a __huge__ security flaw.

- Most data security threats are internal
- most breaches can be traced back to [internal] human error
- 50 percent of all security incidents are caused by people inside an organization
- The Biggest Cybersecurity Threats Are Inside Your Company
- internal actors were responsible for 43% of data loss
- Most breaches involve insiders

Once a hacker has access to the data, they have access to all of the information on the system, everything.

And breaking into a site isn't as difficult as some would have you believe. A long time ago I read an article on security breaches, and something like 80% at the time were found to be from people who had access to the system. By not keeping your encryption keys, your passwords are safe, even if our site is hacked.

Most sites store data with either no encryption, or with encryption common to the entire site. This is so they can read the data themselves, or send you a link to reset your password.

We don't.

We can't read your encrypted data.

Unfortunately this means that we can't reset your keys, or email them to you. Sorry.

If you've lost your keys, you will have to reset your passwords on every site you use. We think that's a small price to pay for true security.

If you follow our guidelines you shouldn't have trouble remembering your keys.

What you use for your encryption keys are critical, as they keep your passwords safe.

These guidelines will help you choose encryption keys that are easy to remember, but hard to guess.

Here's a discussion on hacking passwords if you want to read the basis for these guidelines.

We want a set of *"random"* words or phrases, that are easy to remember, and hard to guess.

Ideally you can come up with four to six words or phrases that are:

- Different "types" of words - across different databases
- Something you've never told anyone
- Impossible to identify with you
- at least some of them can't be found in a database
- easily remembered with a word or a few words of prompting

What kinds of words are easy to remember, but impossible to guess, that match the above criteria?

- The name of your first crush.
- The license plate number of your Grandad's car
- An old telephone number you remember from your youth.
- A date that no-one else knows, like your first kiss.
- A random phrase of mixed up words

Now you should have four to six words or phrases. The following are entirely fictional, but the kinds of things you might have:

- First crush: Marilyn Patricia Jacobs
- Dad's mini plate: AN4 3TY
- What Billy said when the frog jumped out of the bushes: The tree is throwing up frogs
- Shelley's phone: 2136764532
- First kiss name: Maggie Mae Martins
- First kiss date: 12/12/1978

We can set up the keys to be:

- Marilyn Patricia Jacobs AN4 3TY The tree is throwing up frogs
- 2136764532 Maggie Mae Martins 12/12/1978

and our reminder will be:

First key: full name of my first crush and dad's mini plate and what Billy said when the frog jumped out of the bushes

Second Key: Shelley's phone number and the full name of the first girl I kissed and the date I first kissed her

For years we've been told that the random characters make the best passwords, and they must have at least one capital letter and at least one number.

That's true to a point, a brute-force attack on an eight-character password without special characters will have to try 218,340,105,584,896 different passwords. Which is a lot. And with yesterdays computers only able to process a million (10^6) passwords per second, it would take 4 years to hack a password.

Today's computers, however, are much faster, more advanced processors can try a trillion (10^12) passwords per second, they can hack an eight character random password in about 2 minutes.

Adding special characters increases that a to about 50 minutes, still not enough.

However, every position we add, multiplies the number of combinations by 62 (or 94), so we're better off increasing the length of the password.

A sixteen-character password, for instance, requires sixteen_character_maths

There are 62 possible values in each position of a password, so an eight-character password has 218,340,105,584,896 combinations. As recent as a few years ago, a computer could process a million combinations per second, so that many combinations would take 218,340,105 seconds. There are 31,536,000 seconds in a year, so it would take 6.9 years to try every combination. The chances are, your password isn't going to be the very last one of the 2x10^14 passwords, so on average a hacker could discover an eight-character password in about 3 1/2 years.

But that's based on technology that's several years old. Today's computers are much faster, a thousand, and even a million times faster. In fact, today an average desk-top computer can process a billion combinations per second, and an advanced computer can do a trillion. If we divide that number of combinations by a trillion, we get 218 seconds, which is only 3 1/2 minutes. Half of that, two-minutes, is how long it will take on average to hack an eight-character password with today's computers.

Many sites now allow (some even require) special characters in a password, this is really just a stop-gap measure. Using special characters, there are 6,095,689,385,410,816 combinations. At one trillion combinations per second, that would take 6,095 seconds, divided by 60 seconds per minute, is 100 minutes. On average a hacker can discover an eight-character password, with special instructions, using today's computers in less than one hour.

There are 26 letters in the alphabet, and 10 numerals. We can have upper and lower case, so there are 26 plus 26 plus 10 possible characters (total of 62).

If we have two possible values, 0 and 1, and we have two positions, we have four possible combinations, 00, 01, 10, and 11. With three positions, we have eight combinations, 000, 001, 010, 011, 100, 101, 110, and 111. With four positions, there are sixteen combinations, 0000, 0001, 0010, 0011, 0100, 0101, 0110, 0111, 1000, 1001, 1010, 1011, 1100, 1101, 1110, and 1111. So each time we add a position, we multiply the number of possibilities by the two. If we have three possible values, 0, 1 and 2, and two positions, we have nine combinations, 00, 01, 02, 10, 11, 12, 20, 21, 22. With three positions, there are twenty-seven combinations, 0 in front of the nine above (000, 001, ... 022) plus 1 in front (100 through 122) plus 2 in front (200 through 222). So every time we add a position, we multiply the number of possible combinations by three. As you can see, with every position we add, we multiply by the number of possible values in each position. So, if we have five possible values, and four positions, we have 5 x 5 x 5 x 5 (5^4) possible combinations Since we have 62 possible characters, and eight positions, we have 62^8 possible combinations. 62^8 is 218,340,105,584,896.

With "normal" characters we have 62^8 combinations. Adding special characters gives us an additional 32 characters, so we have 94^8 combinations if we include special characters. 94^8 is 6,095,689,385,410,816.

Just like with an eight-character password a sixteen-character password
has 62^16 different possible values, that's 47,672,401,706,823,533,450,263,330,816 combinations.
At one trillion tries per second, that's 47,672,401,706,823,533 seconds.
There are 31,536,000 seconds in a year (60 seconds x 60 minutes x 24 hours x 365 days).
That's 1,511,681,941 **years** to try all of the combinations, about 750 million years on average (1/2 of the 1.5 billion years).
There's a big caveat to this number, that you should read.

You might think that since it's 750 million years to guess a sixteen-character password, you might as well use a fifteen-character password. Ater all, that would require 12 million years to guess (750 divided by 62). Or even a fourteen character password - 195,000 years. Or thirteen characters, 3000 years.

But you'd be making a mistake.

If the first character of your password happens to be the first one the hacker guesses... Let's say that the first character of your password happens to be the first one the hacker guesses. The easiest way for me to explain this is with an example. Let's say there are 3 positions, and your password is "abc". And the hacker starts with a, b, c, etc. through z, then A through Z then 0 through 9. They will try aaa, aab, aac, ... aa9, then aba through abc and they're done. They don't need to check any starting with b, they're done with just 64 tests, not 62^3 (238,328).

And since we don't know which character the hacker will start with, we can't guarantee that it will take any longer to guess a sixteen-character password than it does to guess a fifteen-character password.

So with thirteen characters, 3000 years, we really can only expect it to take at least 48 years. But we can expect computers to get faster. If they get 1000 times faster, or 1,000,000 times faster, that's not 48 years, it's only 25 minutes. Not near enough.

Back to sixteen-characters, allowing for the hacker to have selected a starting letter that matches our first letter, then it's the same as a fifteen-character password, 12 million years. Divided by 1,000,000 is still 12 years.

We can't expect to see a million fold increase in speed in the foreseeable future. fastest computer on the planet today

With 26 lower case letters (in English), 26 upper case letters, and 10 numbers, there are 62 letters and numbers. There are 32 special characters in the "normal" ascii character set. A one-character password, using normal characters, can be any of 62 different values. A two-character password can have any one of 62 different values for each of the 62 values that a one-character password can have. A three-character password can have any of 62 different values for each of the two-character password values. This goes on ad-infinitum. So a two-character password can have 62 times 62 different values, and a three-character password can have 62 times 62 times 62 different values. So a password of three characters has 62^3 values, and an eight-character password has 62^8 possible values. If we use special characters, then there are a maximum of 94 characters, and an eight-character password has 94^8 possible values. 62^8 equals 218,340,120,361,232. 94^8 equals 6,095,689,385,410,816. 94^8 divided by 62^8 equals 27.918. Using special characters increases the number of combinations by a factor of 28. 62^8 password tries divided by 1,000,000 tries per second is 218,340,120 seconds, divided by 60 seconds per minute is 3,639,002 minutes, divided by 60 minutes per hour is 60,650 hours, divided by 24 hours per day is 2,527 days divided by 365 days per year is 6.92 years. To try every single combination of eight normal characters at a rate of 1 million tries per second will take 6.92 years. Seldom will the password be the last one tried, in fact, on average it will take 1/2 of the time to find the password. So an eight-character password where only normal characters are allowed can be hacked in about 3 1/2 years if the computer can try 1 million passwords per second. If the computer can try 1 trillion passwords per second, which is 10^12, then instead of taking 218,340,120 seconds, it will only take 218 seconds. That's 3 1/2 minutes. So the average password will be hacked within 109 seconds or a minute and 49 seconds. By adding special characters to the mix, we will increase the time, but only by a factor of 28. 94^8 tries divided by 1 trillion tries per second is 6,095 seconds, divided by 60 seconds per minute is 101.59 minutes, divided by 60 minutes per hour is 1.69 hours.

So, an eight-character password can be hacked in less than 218 seconds. If we add special characters, this goes up to 102 minutes. But if we add a single character - a nine-character password, we multiply the 218 seconds by 62 instead of 28 - 225 minutes - 62/28 is more than double. Add another character, a ten-character password, multiply 225 minutes by 62 - 13,966 minutes - 232 hours. Add another charater, an eleven-character password, 14,432 hours, 601 days. A twelve-character password, 37,282 days, 102 years. A thirteen-character password, 6,332 years. A fourteen-character password, 392,642 years. A fifteen-character password, 24,343,844 years. And a sixteen-character password, 1,509,318,382 years.

But computers are getting faster and faster, aren't they? What if they can process a trillion-trillion passwords per second?

The fastest computer on the planet today can do 93 petaflops, 93 with 15 zeroes following floating point operations per second. That's 93,000 times faster than 1 trillion per second. Let's use that number, in fact let's round that number up to 100 petaflops, 100x10^15, which is 1x10^17. In fact let's multiply that by 10, and use 10^18. A sixteen-character password, at 10^18 tries per second would be 10^6 times faster than 1.5x10^9 or 1.5x10^3 or 1500 years. If a password is two-characters long, using normal characters, the first position can be any one of the 62 possible characters, the second character can be any one of the 62 possible characters, so there will be 62 times 62 possible combinations, 62 squared (62^2), which is 3,844. If the password is three-characters long, then each of the 3,844

26 lower case letters, plus 26 upper case letters plus 10 numbers equals 62 characters 62^8 equals 218,340,105,584,896 62 characters plus 32 special characters (some of which won't work in many systems, like quotes and back-slashes) equals 94 characters 94^8 equals 6,095,689,385,410,816 that's only 27.918 times more than 62^8 218x10^12 divided by 10^12 tries per second is 218 seconds, divided by 60 seconds per minute is 3.63 minues. The average password will be hacked in 1/2 of the time, or 1.8 minutes. 6x10^15 divided by 10^12 tries per second is 6,000 seconds, divided by 60 seconds per minute is 100 minutes. The average password will be hacked in 1/2 the time, 50 minutes.

to 6,095,689,385,410,816 (6x10^15) possible combinations, but that's only 100 minutes (1 hour and 40 minutes).

And if ten computers do the hacking, this is just ten minutes.

And so we need to increase the number of possible values dramatically, and we can do that by increasing to sixteen characters.

A sixteen-character password can have 4x10^28 different combinations of letters and numbers (without special characters).

If the fastest computer on the planet today were to try to hack that many combinations,
it would take more than 10,000 **years** (maths)

If the number of characters isn't known, the hackers first have to go through a one-character password, then two-character password, then three-characters, etc. all the way up to fifteen characters before they can even start doing sixteen character passwords.

Each time we shorten the password by one character, we divide the time required by 62. A fifteen-character password could be tested in 240 years, a fourteen-character password in 3.87 years, a thirteen-character password in 22 days, and a twelve-character password in 9 hours, and an eleven-character password in 8 minutes.

You might look at that and decide to use a fourteen-character password, or even a twelve-character one.

You'd be making a big mistake.

The hackers don't have to go through all of the possible combinations. They only have to try the combinations that fail. Eventually they're going to find the one that works.

For example, let's say your password is abcdefghijkl (12 characters), and they start with aaaaaaaaaaaa, then aaaaaaaaaaab, then aaaaaaaaaaac, etc. They only have to complete one set of ten, then two sets of nine, then three sets of eight, then four sets of seven, etc.

Why?

Starting with aa+aaaaaaaaaa, through aa+9999999999 before they increment the second character and now have positions one and two correct,
and they've done one full set of ten (for a twelve-character password).

Then they do aba+aaaaaaaaa through aba+999999999, then abb+aaaaaaaaa through abb+999999999, when they increment position three to c and now they have the first three positions, and they had to do two full sets of nine.

Sure, they don't know they have the correct first three positions, but they have them none-the-less.

Now they do abca+aaaaaaaa through abca+99999999, then abcb+ then abcc, and now they have the first four positions, after three sets of eight.

And this continues until they get to the last character, where they just have to do up to that character.

Eleven-characters only takes 8 minutes to hack, and ten only takes 8 seconds, so with a twelve-character password, if they happen to start with the character you start with, it's less than nine minutes before they know your password.

But if you use a sixteen-character password, as a minimum, and the first and second characters are not the same, you force them to take at least 240 years to find your password.

They will have to try one complete set of fourteen, then one complete set of thirteen,
then one complete set of twelve, then one complete set of eleven, etc.
which means it will take 8 minutes + 9 hours + 22 days + 3.87 years to discover this sixteen-character password.
**Not** "more than 10,000 years".
They will only have to try two sets of fourteen-character passwords before they'll reach abcdefghijklmnop.

How? The first character is a, and they start guessing with a, so they don't have to do all sixteen, because they'll find it after they've tested all of the other fifteen. That's easy to see.

A sixteen-character password, made up of upper and lower case letters and the numbers 0 through 10, with no special characters, could have any of 62 different values in each of the 16 positions of the password.

When determining how many possibilities there are in a combination,
you multiply the number possible in each position by the number possible in each position.

For example, if there are 2 possible values, 0 and 1, and we have 2 positions, then we can have 00, 01, 10 and 11, or 4 combinations.

But if we have 3 spaces, it's 000, 001, 010, 011, 100, 101, 110, 111, or 8 combinations - 2 x 2 x 2.

If we had 4 spaces it would be 2 x 2 x 2 x 2 or 16 combinations.

If we have 3 values, 0, 1, or 2, and 2 spaces, there are 3 x 3 (9) combinations, 00, 01, 02, 10, 11, 12, 20, 21, 22.

So 16 positions, with 62 possible values in each, is 62 times itself 16 times (62^16) which is 47,672,401,706,823,533,450,263,330,816.

Numbers that big get hard to work with, so let's truncate it at 47,000,000,000,000,000,000,000,000,000 which is 47 with 27 zeroes after it, which can be written 47x10^27.

The fastest computer on the planet today does (less than) 1x10^17 floating point operations per second. If a hardware decryption algorithm were to be created to mimic our software decryption algorithm in hardware, it could be possible for a decryption attempt to require a single floating point operation.

This is extremely unlikely, as there are a few hundred characters to be decrypted, so there are going to be several hundred operations per attempt. However, we're going to use 1x10^17 as the upper limit of what can be done per second, today.

If we divide the number of combinations by the number of tries per second, we'll get the number of seconds required to try them all.

47x1^27 divided by 1x10^17 is 47x10^10.

There are 60 seconds per minute, if we divide 470,000,000,000 (47 with 10 zeroes) by 60, we get 7,833,333,333 minutes.

Divide by 60 minutes per hour, and we get 130,555,555 hours.

Divide by 24 hours per day, and we get 5,439,814 days.

Divide by 365 days in a year, 14,903 years.

Which is more than 10,000 years.

which can be written as 18x10^18.
(93 petaflops rounded up to 100
were to try to hack that many combinations,
4x10^28 different combinations,
at 1x10^17 tries per second, it would take 4x10^11 seconds divided by 3x10^7 seconds per year
is 4/3 x10^4 years, 13,333 **years**
If the absolute fastest computer on the planet today were to try to hack 4x10^28 different combinations,
at 1x10^17 tries per second, it would take 4x10^11 seconds divided by 3x10^7 seconds per year
is 4/3 x10^4 years, 13,333 **years**
seconds per year
even without special characters
there are
If computers get just a little bit faster, or they use multiple computers to do the hacking, this could be reduced to just a few minutes, easily.
The absolute fastest computer on the planet today can't so more than 1x10^17 passwords per second,
petaflops
Adding special characters would increase that significantly,
however most people only use a few, like the underscore (_) or the dash (-) or comma (,) or period (.).
Adding five special characters to the mix, means there would be 318,644,812,890,625 combinations,
which would take 1,511,681,941 **years** to try all of them.
So even if computers get faster and faster, and are able to process 1x10^18 passwords per second,
it will take 1,511 years to go through all the possibilities.

There are 171,476 thousand words in current use in the English Language dictionary, If you've selected one word from the dictionary, at 1x10^12 tries per second, your word can be guessed in 0.00000017 seconds. Even if you change O's to zeroes and I's to ones and a's to 4s or @s, or any other "tricks" that you (and the hackers) know, you might increase that by a factor of 5 or even 10, but that's still less than one half of a second. But, if you use two words, there are 171,476 times 171,476 possible combinations (29,404,018,576), four words make 8x10^20 combinations, which would take 27 years at 1x10^12 tries per second. Six words make 2x10^31 combinations, 8x10^11 years.

And six words are easier to remember than sixteen random characters.

There are however, far fewer "common" words, so we need to avoid using only common words.

The Oxford Dictionary of First Names
claims to cover *"over 6,000 names in common use in English"*.
The Guardian says there are *"nearly 40,000 family names native to Britain and Ireland"*
If we use a first name, a middle name, and a surname, we have 6000 x 6000 x 50000 possibilities,
(1.8x10^11).
If we have two different names, we multiply one by the other and have 3x10^24 possibilities - 102,000 years at 1x10^12 tries per second.

A telephone number can be a few different lengths, in the USA it's 10 numbers, in the UK it can be between 9 and 13 numbers. Nine numbers is 10^9 possible combinations, thirteen numbers is 10^13 possible combinations.

License plate numbers are different the world over, but in general they range from five to nine characters in length. Five characters Upper and lower case letters plus 10 numbers, would be 9x10^8 combinations. Nine characters would be 1x10^15 combinations.

So let's take one semi-random phrase of any number of words, maybe four, plus two names, plus one telephone number, plus one license plate number. 8x10^20 (four words) times 3x10^24 (two names) times 10^9 (telephone number) times 9x10^8 (license plate number) is 2x10^63 combinations - and that's if you know the sequence of phrases. If you don't know the sequence of phrases (don't have access to the reminder text) it's that number ^5 or 4x10^316. But let's presume that they stole the algorithm and you're reminder text. 2x10^63 combinations at 1x10^12 tries per second is 2x10^51 seconds, divide that by 60 to get minutes, then by 60 to get hours, then by 24 to get days, then by 365 to get years, and you have 6.8x10^43 years. Let's assume that computers get to be 1 trillion times faster (1x10^12), then it will only take 6.8*10^31 years. Another trillion times faster (1x10^12), and it will only take 6.8x10^19 years. Another trillion times faster? 6.8x10^7 years, that's 680,000,000 - six hundred and eighty thousand years, and that's with computers being a trillion-trillion-trillion times faster than they are today

The fastest computer clock rate according to the guiness book of world records
according to wikipedia is 8.805 GHz.
1 gigahertz is
1 "hertz" is 1 cycle per second. One Kilohertz (khz) is 1024 hertz or cycles per second.
One MegaHertz is 1024*1024 hertz, and one Gigahertz is 1024*1024*1024, or 1,073,741,824 cycles per second.
8.805 GHz then, is 9,454,296,760 cycles per second.
It's not possible for an entyire decription algorithm to run within one clock cycle, but if it did,
the most attempts per second that can be made would be 9.5x10^9 tries per second.
We will round that up to 1x10^10 for our maths.
In fact let's even use 100 processors on the same board, making that 100 times faster, at 1x10^12, 1 with 12 zeroes after it, 1 trillion (or billion if you use thousand million)
according to comsol.com
*"the highest clock speeds — requiring cooling through liquid nitrogen — are stuck between 8.5 and 9 GHz"*,
in the same article, they discuss how computers are using multiple processors on the same board to get around a limitation
on the maximum clock speed. Currently computer manufacturers are putting as many as 15 processors on the same board.
The fastest computer on the planet as of June 2017, can do 93 petaflops, that's 93x10^15 floating point operations per second.
To make the maths easier, we are going to round that up to 100 petaflops, or 1x10^17.
If we assume that a computer can do an entire decryption algorithm in 1 operation (it can't) then
the absolute fastest that the fastest computer on the planet can try a password against an encryption algorithm is
1x10^17 times per second.
If we have 2x10^63 combinations, and we use the fastest computer on the planet,
with a miraculous ability to run an entire decription algoritm in one operation,
at a rate of 1x10^17 tries per second, it would complete all the combinations in 2x10^46 seconds.
There are 31,536,000 seconds in a year (60 seconds times 60 minutes times 24 hours times 365 days) - 3x10^7.
It will take 2x10^46 divided by 3x10^7 years to complete all of the combinations.
That's .667 x10^39 **years** using an impossible rate of trials.
which would take five minutes to go through.

So in order to make this take longer, we need to increase the number of characrers in the password, say to sixteen or twenty-four. At sixteen, without special characters, there are 47,672,401,706,823,533,450,263,330,816 variations A database list attack can be done very quickly, but a brute-force attack can take years.

The best way to ensure a brute-force attack is with either random characters or random words.

A set of random characters of sufficient length can take years to hack, but is extremly difficult to remember, as can a set of random words.

Don't be fooled into thinking that m4rc1@n is a good word (martian with 4 or @ for a 1 for i and c for the ch sound) because hackers have already thought about that, and make those substitutes when doing a database list attack. Nor does adding a few numbers before and after help much either.

We want to force a brute-force attack. The best We can do that either rather than a database list attack. Because a list attack can be done very quickly, but a brute-force can take years. There are two types of "passwords" that are difficult to hack.

- Those that are entirely random, of sufficient length
- Those that are made up of several random words or phrases

The best password would be something that's 256 characters long,
made up of entirely random letters and numbers and special characters.
Unfortunately that would be impossible to remember.
Entirely random are too difficult to remember, and that's why you want a password lock box system.
That leaves*"seemingly"* random words or phrases.
You want words or phrases that are easy for you to remember, but are impossible to guess.
And you want a few of these, that you then string them together to make a random list of words or phrases.

What kinds of words are easy to remember but impossible to guess?

- The name of your first crush. Most people have never told anyone the name of their first crush.
- The license plate number of your favourite car, or better still your Dad's or Grandad's.
- A phone number you remember from your youth, maybe it's a mate's or Grandma's.
- A date that's important to you, but not known by others, like your first kiss.

The point is to find something that you can remember easily enough, but that someone else would not be able to find out about you, even if they knew you very well. So don't use your anniversary, even from a previous marriage (like you'd want to be reminded of that every time you log in).

The reason they need to be random, and varied, is that hackers use databases to attack passwords now, a database of names, a database of places, etc. But if you've mixed up the words so that they're random, databases won't work because they need to know all the words in the list, and if some of the words are numbers (like dates or a phone number or a license plate), the database method falls short.

Let's assume you've selected list that's something like "Marilyn Roscamond, QS07 WDE, 2136764532, Maggie Mae Marvin, 12/12/1978". Now just split them into two parts, so that part one becomes "Marilyn Roscamond, QS07 WDE" and part two becomes "2136764532, Maggie Mae Marvin, 12/12/1978". And you have your two encryption keys. You don't need to use spaces or commas or slashes if you don't want to, and you can insert other special characters if you wish, maybe after the 1st character of each word. That's up to you. The point is that if you've selected some seemingly random words or phrases, it's near impossible for hacker to guess the words, so they're forced to use a brute-force attack.

There are some things you've never told anyone, and will never tell anyone, those are perfect for this!
Entirely random are too difficult to remember, and that's why you want a password lock box system.
That leaves*"seemingly"* random words or phrases.
You want words or phrases that are easy for you to remember, but are impossible to guess.
And you want a few of these, that you then string them together to make a random list of words or phrases.

What kinds of words are easy to remember but impossible to guess?

- The name of your first crush. Most people have never told anyone the name of their first crush.
- The license plate number of your favourite car, or better still your Dad's or Grandad's.
- A phone number you remember from your youth, maybe it's a mate's or Grandma's.
- A date that's important to you, but not known by others, like your first kiss.

The point is to find something that you can remember easily enough, but that someone else would not be able to find out about you, even if they knew you very well. So don't use your anniversary, even from a previous marriage (like you'd want to be reminded of that every time you log in).

The reason they need to be random, and varied, is that hackers use databases to attack passwords now, a database of names, a database of places, etc. But if you've mixed up the words so that they're random, databases won't work because they need to know all the words in the list, and if some of the words are numbers (like dates or a phone number or a license plate), the database method falls short.

Let's assume you've selected list that's something like "Marilyn Roscamond, QS07 WDE, 2136764532, Maggie Mae Marvin, 12/12/1978". Now just split them into two parts, so that part one becomes "Marilyn Roscamond, QS07 WDE" and part two becomes "2136764532, Maggie Mae Marvin, 12/12/1978". And you have your two encryption keys. You don't need to use spaces or commas or slashes if you don't want to, and you can insert other special characters if you wish, maybe after the 1st character of each word. That's up to you. The point is that if you've selected some seemingly random words or phrases, it's near impossible for hacker to guess the words, so they're forced to use a brute-force attack.

This is where the hacker tries to guess a password by using a database of words, including names and places.

For example, they might run through every word in the dictionary in lower case, then upper case, then with the first letter capitalised, etc.

And this kind of attack knows how to use zero (0) for O (oh) and 1 for i and 3 for e and 4 for a and @ for a, etc. So don't think that by changing your vowels to numbers you're preventing a database password attack.

They also try variations on spelling, so marcian is the same as martian. Basically if you can think of it, they've thought of it, probably twice and in more detail.

And they add numbers on the end, like ratio123, ratio101, etc.

The problem is that if your password can be found in the dictionary, there are only a few hundred thousand combinations, including adding a few digits on the end or beginning of the words. And a few hundred thousand combinations can be processed

This is where a hacker tries to guess a password by using all the possible combinations of passwords, one at a time, until they eventually discover the one that works.

If you're using seemingly random encryption keys you'll force them to try every character in every position.

With 26 upper case letters, 26 lower case letters, 10 numbers, and more than 30 special characters, there are more than 90 different characters one can use. A password that is one character long, can have 90 different values. A password of two characters long, can have 90 values in the second character for every one of the 90 values in the first character, or 90 times 90 possible values, which is 8100 combinations. A three character password would have 90 x 90 x 90 combinations (729,000), four characters 90^4, etc. In order for a hacker to find an encryption key that could be any length, from 2 to 1024 characters, they will have to try every combination from 2 characters up through the length of the encryption key used. So if the key is 16 characters long, they would have to try all of the 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, and 15-character combinations before they's start on the 16-character combinations. Even if your encryption key were "aaaaaaaaaaaaaaaa" (16 a's) and a was the first character they try in each position, it would take 90^2 + 90^3 + 90^4 + 90^5 + 90^6 + 90^7 + 90^8 + 90^9 + 90^10 + 90^11 + 90^12 + 90^13 + 90^14 + 90^15 attempts before they'd get to the first 16-character attempt. That's 2 x 10^29 tests, if they manage to do a quadrillion (1x10^15) tests per second, that works out to be 6,602,121 years. (By the way, I don't believe there's a computer in existence today that could run our algorithm a quadrillion times per second, but they could use multiple super-computers each doing a portion of the tests) That's the beauty of using long, seemingly random, passwords. If, however they assume there are only a couple special characters, like the underscore (_), the comma (,) and the slash (/), they might test with only 65 characters, and the first 16-character key would be tested after 1x10^27 attemps, or 50,306 years.

But what if the encryption key is 32 charcters long? with 90 characters per position, it's 3x10^60 combinations and 1x10^38 years.

This then is a ridiculous amount of computer power required in order to break the code to get into one person's passwords stored on our site. And once they've broken this code, they have to do it all over again for the next account.

We want to force a hacker to use a brute-force approach to get your passwords, having to guess every possible combination of letters.
A brute-force attack will guess every letter in the password, like this...
Assume the password is made up of upper and lower case letters and numbers, and maybe one or two special characters,
and doesn't include the ones that are hard to read like l (ell) and O (oh) or I (eye) because they're too much like 1 (one) and 0 (zero).
That makes 60 possible characters for every position in the password.
If the password is one character long, there are 60 possibles.
If it's two characters long, there are 60 possibles for the first position and 60 for the second position, giving 60x60 or 3600 possibles.
Double that to four characters, and we now have 3600x3600 (60x60x60x60 or 60^4) which is 12,960,000 possible passwords.
Double that to eight characters, and we now have 167,961,600,000,000 possible passwords.
If a hacker were able to steal the algorithm, and the data, and write a program that tested the algorithm with every possible combination of
letters, and able to get enough processing power to test 1 trillion (million-million - 1,000,000,000,000) passwords per second,
then in just under 168 seconds all of the possible combinations of 8-letter passwords would be tested.
But if we double that to 16 characters, and have to test 8, 9, 10, 11, 12, 13, 14 and 15 character passwords,
it will take that same program 909,730,000 **years** to test all of the possible combinations.

- We do not use local (your device) storage (Why?)
- Your passwords are safe from a web site security breach (HOW CAN YOU SAY THAT?)
- We do not populate passwords for you (Why?)
- We use a multi-step log in process (Why?)
- We store part of your key in a cookie and part in a temporary database (Why?)
- We do not keep your password on our system, not even a one-direction encryption of it (Why?)
- We never keep both of your keys together at the same time (Why?)
- We use a web server to store your
*encrypted*passwords (Why?) - We use a unique encryption algorithm (Why?)

The shortest answer to this question is a question, "what happens if you lose or damage your device?"

How will you recover your passwords if the only place you have them stored is no longer useable?

And if someone *finds* your phone, will they then have access to all of your accounts on all of the sites you visit?

Some password safes allow you to back up your password to the cloud, so you can recover them to a new device should yours fail. I don't know what you do between when you lose your device and when you get a new one set up though.

And what if you use multiple devices, maybe one at work, a desktop at home, an iPad on the road, and sometimes your phone? Some password safes do allow you to share your passwords across your devices, using the cloud.

**If you're using the cloud for cross-device sharing or for backup, you need to rely on the safe storage of your passwords.**
And trust that your passwords will be safe even when that web site is breached

We're unique in that we don't keep your encryption keys in our database.

This means that even if a hacker were to breach our security and obtain all of our files, and decipher our proprietary encryption algorithm the only way they can decipher your passwords is if they know your encryption keys, both of them, and in the correct sequence.

They could, if they managed to steal our algorithm, decipher the "reminder" text that we have stored for you. Which is why you want to be careful about what you put in your reminder text. But the only way to decypher your passwords would be to brute-force their way through your encryption keys, which is why we recommend complex encryption keys.

Even if they manage to brute-force their way into finding out one person's passwords, those keys won't let them access anyone elses passwords.

Again, we don't know your encryption keys, we don't store them anywhere, except temporarily and even then we keep them split in parts.

Not only that, but we don't track site URLs or site user names, so it's not possible for a hacker to connect a password with a site, as long as you follow our recommendations when putting in your information.

This is the most aggravating part of our system, why can't you simply click on one button and have the password safe software populate the log in form?

There are several password safe applications and sites that do exactly that, so why not?

Why, instead, do we help you to copy the password to the clipboard, so you can paste it in yourself.

Here's the main reason:
In order to populate a form the application has to know the URL, and the user name, and the password(s).
So it has to know everything required to access that site.
**Any application that knows enough to access a secure site should be treated with extreme caution.**

In order to prevent hackers from ever getting into your accounts, we do not store URLs or user names, we do not keep encryption keys on our server, we have a proprietary encryption algorithm, and each user's information is kept with complex encryption keys, unique to each user.

Additionally, and this is something that I don't believe other password safe systems have addressed very well at all, by requiring a plug in within a browser to read and write data into a browser window, the browser has been opened to access by any application or web site. This is a virus waiting to happen.

Three reasons actually, first, by asking for two different keys, in a random sequence, we're making it far more difficult for an automated system to provide the correct responses.

And second, by sending and receiving two seperate forms worth of data, that are not the same "event" on the network level, we're making it near impossible for a network sniffer to connect these two forms and record both of the encryption keys.

And finally, we actually add some semi-random characters to each of your encryption keys which makes the algorithm just that little bit more secure.

This is not the same as Multi-Factor authentication (wikipedia).

We combine your two encryption keys, plus some semi-random characters, into a long, single encryption key.

We don't want to store this key anywhere, because it's what allows our algorithm to decrypt your stored data. So what we do is encrypt it using our proprietary encryption algorithm, then split the result into two parts, then put one part in a cookie on your computer, and the other part is put in temporary storage on our server.

Neither part can be decrypted without the other - that's one of the advantages of our proprietary encryption algorithm - and none of your data can be decrypted without this key fully decrypted.

If someone read the cookie on your device, they would only have one part of an encrypted key that can **not** be decrypted.

If someone read the temporary storage, they would only have one part of an encrypted key that can **not** be decrypted.

To let you in on a little secret, in order to decrypt something our algorithm has encrypted, you need to take one character from the start, and one character from the end, and combine them, and then decrypt that result. So if you only have the front part or the back part, you don't have half of each character.

By keeping them separate we prevent anyone from ever decrypting your passwords. To do so, they absolutely have to have both of your encryption keys.

"Any site will eventually have it's security breached, right? So why store passwords on a server? Why not keep them on a private device? Or at least on a thumb drive?"

"Its not about ** if** a web site will be breached, but

These are two very compelling questions, and it would take a lot of convincing for me to want to store my passwords in the cloud. And that's exactly why I wrote this web site.

I wanted a system that allowed me to:

- Generate and store random passwords that I can then use to have a different random password for every site I use
- Feel safe copying a password into a log in form to do my internet banking, even from an internet cafe in Kenya or Namibia, or anywhere else in the world.
- Feel safe knowing that if someone were to get hold of my passwords, they would not be able to read them or use them

My first try was to generate random passwords and store that in a Windows Encrypted file. That works, except if you're somewhere that doesn't allow you to plug in a thumb drive.

Then I put the file on my phone, and that works, except that I have to read the phone and type the characters into the web page I'm logging in to. With the file backed up to a thumb drive, and not using lower case L (because it looks like a one) or capital O (because it looks like zero), then this works, as long as I don't lose my phone and someone is able to get into it to read my passwords.

That's when I decided to store the passwords in an encrypted file on a server, and while I'm at it, have the software generate random passwords, and be able to search, and store the result in the clipboard so all I have to do is paste into the form I'm logging in to.

The key thing though was to encrypt the data in a file that no-one will ever be able to decrypt. So the next several months were spent investigating encryption algorithms, and I came to the conclusion that the best algorithm would be proprietary

The 33 characters in the ascii character set that do not include upper and lower case letters or numbers:

! " # $ % & ' ( ) * + , - . / : ; < = > ? @ [ \ ] ^ _ ` { | } ~ and ' ' (blank space).Most systems have a problem with the double quotes (") being a part of their passwords, so they don't allow them,
therefore we generally think of there being 32 special characters.

It allows you to store ecrypted passwords so you don't have to remember all the passwords for all the web sites, applications, or systems that you use.

It utilizes a complex encryption algorithm, which requires two keys to unlock. These keys are *not known by anyone other than you*.

This means that even we can not read your passwords, because we don't know your encryption keys.

We do not keep both keys together at the same time.

When you put in one of your encryption keys during the log in process, we encrypt it, split it in half (approximately and randomly) and store one part in a cookie on your computer and the other part in temporary storage on our server. Then you put in the other of your keys and we decrypt the first one, combine it with the second, encrypt it, split it, and store part in a cookie on your computer and the other part in temporary storage on our server. Neither of these parts can be decrypted without the other part - the encryption algorithm requires information from both parts. And none of your data can be decrypted without both of these parts being combined and then decrypted. Additionally, we add a few semi-random characters into this mix so that we end up with a unique encryption key that we don't keep. Since we don't keep it, if our security were to be breached, and our algorithm "stolen" as it were, the thieves could not decrypt your passwords without knowing both of your encryption keys, which are not stored on our systems.

Therefore, your encryption keys are critical, and need to be something that a person isn't going to be able to guess. Don't use password1234 or anything like that... The best thing to do is to use a pair of encryption keys that are easy for you to remember, but something that others will not be able to guess. For example, the name of your first crush. It's not likely that you ever told anyone the name of your first crush, and most people remember them quite well. But for someone to guess that that name is, they'd have to find out the names of every person you've ever known, and try them all. Of course they could just try a database of names, but there are a couple things you can do to stop this from working as well (later). Another example might be the license plate number of the first car you remember, whether it was yours or maybe even your dad's. Yet another might be a phone number you remember from when you were a child. Or a lock combination. Come up with four of these names or words or sequences of numbers, you can use more if you want, the more the better. Choose some for your first encryption key and some for your second key. Hopefully you now have ten or more characters for each of your encryption keys. Maybe they're your favourite actress, your first car plate, you're first crush's phone number, name and birthday, and you split them into MarilynMonroeQS07WDE and 2136764532MaggieMae12/12/1978. These would be extremely difficult for someone to figure out, especially if you never told anyone about your crush on Maggie Mae, but rather easy for you to remember (assuming you remember this stuff to begin with).

We have all the standard stuff like a two-step log in process so that sniffers won't be able to put the two parts together, but we go beyond the normal processes.

- We do not store your password anywhere, we don't even store a one-directional encryption of your password (Why?)
- We use a two-step log in process to thwart sniffers (Why?)
- We put part of your encryption key in a cookie and part in temporary storage (Why?)

This is not an absolutely correct statement, it will generate the same text twice, but on average it will take 6 million attempts to get the same text twice for a 4-character source text. An 8-character text will require 6 million x 6 million, or 36 trillion (36 million-million if you prefer, or 36 x 10^12, or 36 with 12 zeroes after it) attempts to get the same text, and a 16 character text, would average 1,296 x 10^24 attempts before you see the same result twice.

We can read things like

- your user name
- your email address (if you've given it to us)
- your phone number (if you've given it to us)
- the reminder text you save
- and account administrative stuff like when your account expires

But we can ** not** read your encrypted data

- the names and passwords you save
- your verification information that you save

We don't keep your keys, so we can't decipher the information that's truly private to you.